At Innent Inc. we are committed to providing you with exceptional service.  As providing this service involves the collection, use and disclosure of some personal information about you protecting your personal information is one of our highest priorities.

While we have always respected your privacy and safeguarded your personal information, we have strengthened our commitment to protecting personal information under the guidelines of British Columbia’s Personal Information Protection Act (PIPA). PIPA, which came into effect on January 1, 2004, sets out the ground rules for how B.C. businesses and not-for-profit organizations may collect, use and disclose personal information.

We will inform you of why and how we collect, use and disclose their personal information, obtain your consent where required, and only handle your personal information in a manner that a reasonable person would consider appropriate in the circumstances.

This Personal Information Protection Policy, in compliance with PIPA, outlines the principles and practices we will follow in protecting your personal information.   Our privacy commitment includes ensuring the accuracy, confidentiality, and security of your personal information and allowing you to request access to, and correction of, your personal information.

Definitions:

Personal Information – Personal information is defined as information about an identifiable individual under the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Personal Information Protection Act (PIPA)

Contact information – means information that would enable an individual to be contacted at a place of business and includes name, position name or title, business telephone number, business address, business email or business fax number.  Contact information is not covered by this policy or PIPA.
 

Privacy Officer – means the individual designated responsibility for ensuring that Innent Inc. complies with this policy and PIPA. 

Section 1 – Collection and Utilization of Your Information

1.1 Unless the purposes for collecting personal information are obvious and you voluntarily provide personal information for those purposes, we will communicate the purposes for which personal information is being collected, either orally or in writing, before or at the time of collection. 

1.2 When you use our services, we collect various types of personal information to ensure that we can provide you with an optimized experience tailored to your needs. This includes a range of data that allows us to facilitate bookings, verify your identity, and provide the services you request. For example, we gather government-issued identification data such as your passport or driver’s license, tax identification number (for property owners), and other relevant information like your country of residence or government redress numbers. This helps us ensure your bookings are secure and meet legal and regulatory requirements.

1.3 We also collect basic identification information, such as your name, username, email address, phone number, and home, business, and billing addresses (including postal codes). This allows us to communicate with you, process payments, and provide personalized services. For payment transactions, we store details like payment card numbers, expiration dates, billing addresses, and bank account information to facilitate secure payments for reservations, bookings, and any applicable charges or refunds.

1.4 To enhance your travel experience, we may gather travel-related preferences, such as your favorite destinations, accommodation preferences, and special dietary or accessibility needs. This data helps us recommend options that best suit your needs. Additionally, we track your participation in our membership programs, including your earning balance, income earned and withdrawn, and membership status. This ensures we can manage your membership and provide you with rewards or benefits.

1.5 We may also gather geolocation data, which can include inferred location from your IP address, the country you've selected to use our website, and your real-time location (if you consent). This helps us customize your experience based on your location, such as showing you relevant travel destinations or assisting with local services.

1.6 If you upload any images, videos, or photos (such as from social media accounts you link to your profile), we collect this content to personalize your experience and help us verify your identity or improve our customer service. We may also collect communications you have with us, such as emails, chat transcripts, and recordings of phone calls with customer service representatives, to respond to your inquiries and ensure we’re meeting your needs.

1.7 We may track how you interact with our website, including the searches you perform, the transactions you complete, and other ways you engage with our platform. This helps us enhance our services and make your experience faster and more convenient. We also gather device data, such as your device type, unique identification numbers, operating system, mobile carrier, and interactions with our site—like the pages you visit, links you click, and features you use. This allows us to understand how our users engage with our services and optimize the platform accordingly. Additionally, we collect information about other people you provide to us, such as travel companions, co-travellers, or those for whom you’re making a booking. This can also include details for minors if you're making a reservation for a child. This ensures that we can offer a complete service for all members of your travel party.

1.8 In some cases, we may also use clickstream data to track and analyze your journey on our website, including the sequence of pages you visit, the actions you take, and the timing of these events. This data helps us improve the user experience and identify areas for optimization. We may also gather basic demographic information, such as your birthdate, age range, and gender, to tailor services and communications to your preferences.You can find our detailed Cookies Policy here, which explains how we use cookies and similar tracking technologies on our website.

1.9 Finally, we recognize the importance of sensitive personal information, which may include data about your racial or ethnic origin, religious or philosophical beliefs, sexual orientation, or health and disability status. We only use this type of data for the specific purposes for which it was collected, ensuring that your privacy and preferences are respected throughout. By collecting and utilizing this wide range of personal information, we aim to facilitate a smooth and personalized service experience, optimize our marketing and customer service efforts, and ensure compliance with legal and security requirements. We handle all data responsibly and securely, with the aim of enhancing your interactions with our platform while safeguarding your privacy.

Section 2 – Consent and Its Method of Collection

2.1 We will obtain your consent to collect, use or disclose personal information (except where, as noted below, we are authorized to do so without consent). 

2.2 We may collect, use or disclose personal information without your knowledge or consent in the following limited circumstances: 

• When the collection, use or disclosure of personal information is permitted or required by law.
• In an emergency that threatens an individual's life, health, or personal security.
• When the personal information is available from a public source (e.g., a telephone directory).
• When we require legal advice from a lawyer.
• For the purposes of collecting a debt.
• To protect ourselves from fraud.
• To investigate an anticipated breach of an agreement or a contravention of law.

2.3 Consent may also be implied where you are given notice and a reasonable opportunity to opt-out of your personal information being used for the reasons mentioned under Policy 2, 2.5 and you do not opt-out. 

2.4 Subject to certain exceptions (e.g., the personal information is necessary to provide the service or product, or the withdrawal of consent would frustrate the performance of a legal obligation), you can withhold or withdraw your consent for Innent Inc. to use their personal information in certain ways. Your decision to withhold or withdraw their consent to certain uses of personal information may restrict our ability to provide a particular service or product.   If so, we will explain the situation to assist you in making the decision. 

2.5 Consent can be provided using the check box on our website before registering or confirming the booking or it can be implied where the purpose for collecting using or disclosing the personal information would be considered obvious and you voluntarily provide personal information for that purpose.  

2.6 We gather personal data from various sources: directly from you, automatically from your device, and from third parties like our business or affiliate partners. When we collect your personal information, we do so for specific legal reasons, and the basis for processing this data can vary. First, we may process data based on your consent. This means you've given us permission to do so, like when we send you marketing communications and you’ve agreed to receive them. In some cases, we have a legal obligation to collect and use your data, such as using your transaction history to meet financial and tax requirements under the law.

2.7  We may also process data for the performance of a contract. This means we need to collect your personal information to fulfill our commitments to you, like managing your booking, processing payments, or creating an account at your request. If we ask for personal data to comply with legal obligations or perform a contract, we will make it clear at the time, letting you know if it's mandatory and what the consequences might be if you choose not to provide it.

2.8  In some cases, we may process data based on legitimate interests, which means that processing your data benefits us or helps us improve our platform without overriding your rights. For example, we might use your data to operate or enhance our services, communicate with you about our platform, verify security when you reach out to us, respond to your questions, conduct marketing, or even prevent illegal activities. While we rely on legitimate interests in certain countries and regions, we always assess the impact on your rights before using your data in this way.

Section 3 – Using and Disclosing (Sharing) Personal Information

3.1 We will only use or disclose your personal information where necessary to fulfill the purposes identified at the time of collection or under the following circumstances:

We share your personal information with various parties to help deliver our services and operate our business. For instance, we work with third-party service providers who assist us in delivering services to you. These providers are required to protect your data and can only use it for the agreed-upon services, not for their own marketing purposes unless you've given them permission to do so.

We also share your personal data with travel suppliers, such as hotels, car rental companies, vacation rental property owners, insurance providers, and activity organizers, to fulfill your booking. In some cases, these suppliers may reach out to you for additional information needed to complete your booking or provide the services you’ve requested.

3.2 If we partner with another business to promote a program or offer a product or service, we may share your personal information with that business partner. This helps with marketing or to provide the service or product. When this happens, you’ll usually know the business partner’s name, either alongside ours or when redirected to their website.

For targeted advertising, we may share your personal data with advertising partners who help us deliver ads tailored to your interests. We also work with social media and online platforms to target our marketing efforts more effectively. These platforms may combine the data they hold with the information we share to build “lookalike” profiles and serve ads to users who match those profiles as they browse the web or use social media.

In some situations, we may disclose your personal information to comply with legal obligations or to protect our rights. For example, we may share data to enforce our policies, meet tax or regulatory reporting requirements, or respond to legal requests such as subpoenas. We may also need to disclose your information in connection with actual or proposed litigation or to protect our property, people, and interests. Lastly, if our company undergoes a corporate transaction, like a merger or acquisition, we may share your data as part of the transaction. If this happens, we’ll make sure the buyer understands they can only use your personal data for the purposes outlined in this Privacy Statement. We will not use or disclose your personal information for any additional purpose unless we obtain consent to do so.

Section 4 – Retaining Personal Information

4.1 We are committed to keeping your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Statement or for any legal or business obligations. If we use your personal information to make a decision that directly impacts you, we will keep that data for at least one year, allowing you a reasonable opportunity to request access to it. Generally, we will retain your personal data as required by applicable laws and for as long as it is relevant to meet the purposes set out in this statement, unless a longer retention period is mandated by law. In cases where we plan to use your data for analytical or trend analysis over a longer period, we may deidentify, aggregate, or anonymize it. When we no longer need your personal data, we ensure that it is securely deleted using industry-standard methods, making it impossible to recover or retrieve. However, we may retain residual copies of your personal data in backup systems to safeguard against potential data loss. These backup copies are inaccessible unless restored, and any unnecessary data will be deleted during the restoration process.

4.2 Our retention periods are determined by several factors, including the duration of our relationship with you (such as open accounts, recent bookings, or transactions), any legal obligations we may have to retain certain data (for example, transaction records), and whether there are current legal obligations that influence how long we need to store your personal information, such as contractual obligations, litigation holds, statutes of limitations, or regulatory investigations. Additionally, your personal data may be retained for the purpose of secure backups to protect our systems.

Section 5 – Ensuring Accuracy of Personal Information

5.1 We will make reasonable efforts to ensure that your personal information is accurate and complete where it may be used to make a decision about you or disclosed to another organization. 

5.2 You may request correction to their personal information in order to ensure its accuracy and completeness.  A request to correct personal information must be made in writing and provide sufficient detail to identify the personal information and the correction being sought. A request to correct personal information should be forwarded to the Privacy Officer or some of the information can be corrected by accessing the My account option on our website, more information regarding the access, correction and your rights is under Policy 7. 

5.3 If the personal information is demonstrated to be inaccurate or incomplete, we will correct the information as required and send the corrected information to any organization to which we disclosed the personal information in the previous year.  If the correction is not made, we will note your correction request in the file. 

5.4 Our website is not intended for minors, and we can't always tell the age of those using it. If a minor provides us with personal data without parental consent, the parent or guardian should Contact Us (see the Contact Us section below). If we discover that personal data has been collected from a minor without consent, we will close their account, if applicable. We may need to collect personal data from minors in specific situations, like reservations or family-focused services. When doing so, we ensure that we follow strict rules to protect the data and process it responsibly, with transparency and security. If you're a parent or guardian and have concerns about a minor's personal data, or wish to delete or update it, please reach out to us through the Contact Us section.

Section 6 – Securing Personal Information

6.1 We are committed to ensuring the security of your personal information in order to protect it from unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks While no company can guarantee absolute security, we do take reasonable steps to protect your personal data by implementing physical, technical, and organizational measures. Our cybersecurity team works hard to develop and apply security controls to ensure that personal data is collected, stored, and shared responsibly, based on its sensitivity level.

6.2 The following security measures will be followed to ensure that your personal information is appropriately protected: 

- We continuously update our security measures to protect your data from unauthorized access, loss, destruction, or alteration.

- We ensure that our data-handling partners meet the same high security standards.

- Our information security system follows industry best practices and includes regular assessments and all our payments are processed by Square payment gateway which holds the certifications, such as PCI-DSS.

- We use technical measures like verification controls, VPNs, SSL encryption, and multi-factor authentication to safeguard your data.

- We manage and approve employee access to your information and provide ongoing security training to our staff.

- If a security incident affects your personal data, we’ll notify you according to data protection laws and, if required, report it to the relevant authorities.

6.3 We will use appropriate security measures when destroying your personal information as describes in Policy 4, 4.1. 

6.4 We will continually review and update our security policies and controls as technology changes to ensure ongoing personal information security. 

Section 7 – Providing You Access to Personal Information and Your Rights

 7.1 You have certain rights when it comes to your personal data subject to limited exceptions, and we want to make it easy for you to manage those rights. If you have an account with us, you can update your communication preferences by either logging in and making the changes directly in your account or by contacting us through the Contact Us section below. You can also access, update, correct, or inquire about the deletion of your personal data at any time in the same way. If you no longer wish to receive marketing and promotional emails from us, you can unsubscribe by clicking the 'unsubscribe' link in any email you receive. However, keep in mind that even if you unsubscribe from marketing emails, we may still need to send you important transactional or account-related messages that you cannot opt out of.

If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time. You can do this by reaching out to us through the Contact Us section. Withdrawing your consent won’t affect any processing we did before you withdrew consent, nor will it affect our use of your personal data that’s based on other legal grounds.

7.2 A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought. In some countries or regions, you have additional rights regarding your personal data. These may include requesting a copy of your data, asking about the purpose behind how we process it, deleting your data, or objecting to how we use or disclose it. You may also be able to restrict how we process your data, opt out of selling it, request to have it moved (portability), and ask about the logic behind any automated decisions. In some cases, you can even ask for decisions made solely based on automated processing, like profiling, to be made manually instead.

7.3 Upon request, we will also tell you how we use your personal information and to whom it has been disclosed if applicable. For more details about your data privacy rights, or if you’d like to make a request regarding your personal data, please feel free to contact us using the Contact Us section below. 

7.4 We will make the requested information available within 30 business days or provide written notice of an extension where additional time is required to fulfill the request. A minimal fee may be charged for providing access to personal information.  Where a fee may apply, we will inform you of the cost and request further direction from you on whether or not we should proceed with the request.

7.5 If a request is refused in full or in part, we will notify you in writing, providing the reasons for refusal and the recourse available to you.

7.6 If you have concerns about how we collect and use your personal data, you also have the right to file a complaint with a data protection authority. However, we encourage you to contact us first so we can work with you to resolve any issues. We are committed to responding to all requests in accordance with applicable data protection laws. If you have the right to appeal a decision we make, we will provide instructions on how to do so in our response to you.

Section 8 – Questions and Complaints:  The Role of the Privacy Officer or designated individual

8.1 The Privacy Officer or Designated Individual is responsible for ensuring Innent Inc.’s compliance with this policy and the Personal Information Protection Act. 

8.2 You should direct any complaints, concerns or questions regarding Innent Inc.’s compliance in writing to the Privacy Officer. If the Privacy Officer is unable to resolve the concern, you may also write to the Information and Privacy Commissioner of British Columbia. 

You can reach Innent Inc.’s Privacy Officer at Legal@innent.com